package com.story.web.shiro.manager;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.SubjectContext;
import org.apache.shiro.web.mgt.CookieRememberMeManager;
import org.springframework.beans.factory.annotation.Autowired;

import com.story.domain.User;
import com.story.service.IUserService;

public class UserCookieRememberManager extends CookieRememberMeManager {
	@Autowired
	private IUserService userService;
	
	@Override
	public PrincipalCollection getRememberedPrincipals(
			SubjectContext subjectContext) {
		PrincipalCollection principalCollection =  super.getRememberedPrincipals(subjectContext);
		if(principalCollection == null){
			return null;
		}
		String loginUsername = (String) principalCollection.getPrimaryPrincipal();
		User loginUser = userService.findoneByUsername(loginUsername);
		User queryUser = userService.findoneByUsernamePassword(loginUsername, loginUser.getPassword());
		if(queryUser == null){
			Session session  =SecurityUtils.getSubject().getSession();
			if(session!=null){
				session.setAttribute("rememberMeError", "密码已过期,请重新登陆!");
			}
			return null;
		}
		return principalCollection;
	}
}
